1 ip acls, Access-list ip – PLANET SGSD-1022 User Manual

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

Table 5-46 Access Control Lists

5.14.1 IP ACLs

The commands in this section configure ACLs based on IP addresses, TCP/UDP port number, protocol type, and TCP control

code. To configure IP ACLs, first create an access list containing the required permit or deny rules, and then bind the access list

to one or more ports.

Command

Function

Mode

access-list ip

Creates an IP ACL and enters configuration mode for standard

or extended IP ACLs

GC

permit, deny

Filters packets matching a specified source IP address

STD-ACL

permit, deny

Filters packets meeting the specified criteria, including source

and destination IP address, TCP/UDP port number, protocol

type, and TCP control code

EXT-ACL

show ip access-list

Displays the rules for configured IP ACLs

PE

ip access-group

Adds a port to an IP ACL

IC

show ip access-group

Shows port assignments for IP ACLs

PE

map access-list ip

Sets the CoS value and corresponding output queue for packets

matching an ACL rule

IC

show map access-list ip

Shows CoS value mapped to an access list for an interface

PE

Table 5-47 IP ACL Commands

access-list ip

This command adds an IP access list and enters configuration mode for standard or extended IP ACLs. Use the no form to

remove the specified ACL.

Syntax

[no] access-list ip {standard | extended} acl_name

• standard – Specifies an ACL that filters packets based on the source IP address.

• extended – Specifies an ACL that filters packets based on the source or destination IP address, and other more

specific criteria.

• acl_name – Name of the ACL. (Maximum length: 16 characters)

Default Setting

None

Command Mode

Global Configuration

Command Usage

502